Report a Vulnerability

TORIC LABS, INC (DBA Datagrid) is committed to the security of our software. As part of that commitment, we encourage responsible reporting of any perceived or potential vulnerability in our applications, submitted privately to security@datagrid.com.

Please provide as much detail as possible along with your contact information so that we can properly assess the situation and follow up with any additional questions. We thank you for your participation — as well as your discretion — in reporting. Please do not share any unresolved vulnerability with any third parties.

mail: securty@datagrid.com

Bounty Program

‍

Rewards

Critical

$500

High

$300

Medium

$200

Low

$100

Initial Communication

Upon receipt of new report

Triage

2-5 business days from receipt of new report

Bounty Payout

7-10 business days from Triage

Response to Researcher questions

2-5 days from posted question

‍

Eligibility

Datagrid reserves the right to decide the weakness and severity of a report and whether the vulnerability was previously reported. Rewards are granted entirely at the discretion of Toric.

To qualify for a reward under this program, you should:

Be the first to report a vulnerability.
Send a clear textual description of the report along with steps to reproduce the vulnerability.
Include attachments such as screenshots or proof of concept code as necessary.
Disclose the vulnerability report directly and exclusively to us.

Additionally not every report may be eligible. The systems in scope are:

app.datagrid.com
api.datagrid.com

In particular, Datagrid is looking for:

Unauthorized access to data including vulnerabilities in the authentication systems.
Credit or Account escalation.

although others reports will be considered.

Payment

Datagrid supports the following payment methods:

Bank Transfer: The bounty amount is credited to your bank account.
**any international fees will be at the cost of the reporter

‍